
Commit 2106ccd9 authored by Tetsuo Handa's avatar Tetsuo Handa Committed by James Morris

TOMOYO: Add mount restriction.



mount(2) has three string parameters and one numeric parameter.
Split mount restriction code from security/tomoyo/file.c .

Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent a1f9bb6a
+1 −1
obj-y = common.o realpath.o tomoyo.o domain.o file.o gc.o path_group.o number_group.o
obj-y = common.o realpath.o tomoyo.o domain.o file.o gc.o path_group.o number_group.o mount.o
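--- a/[path not shown on page]
+++ b/[path not shown on page]
@@ -1075,6 +1075,10 @@ bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r)
 				if (perm & (1 << i))
 					count++;
 			break;
+		case TOMOYO_TYPE_MOUNT_ACL:
+			if (!container_of(ptr, struct tomoyo_mount_acl, head)->
+			    is_deleted)
+				count++;
 		}
 	}
 	if (count < tomoyo_check_flags(domain, TOMOYO_MAX_ACCEPT_ENTRY))
@@ -1576,6 +1580,8 @@ static int tomoyo_write_domain_policy(struct tomoyo_io_buffer *head)
 		domain->ignore_global_allow_read = !is_delete;
 		return 0;
 	}
+        if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_ALLOW_MOUNT))
+                return tomoyo_write_mount_policy(data, domain, is_delete);
 	return tomoyo_write_file_policy(data, domain, is_delete);
 }
 
@@ -1720,6 +1726,30 @@ static bool tomoyo_print_path_number3_acl(struct tomoyo_io_buffer *head,
 	return false;
 }
 
+/**
+ * tomoyo_print_mount_acl - Print a mount ACL entry.
+ *
+ * @head: Pointer to "struct tomoyo_io_buffer".
+ * @ptr:  Pointer to "struct tomoyo_mount_acl".
+ *
+ * Returns true on success, false otherwise.
+ */
+static bool tomoyo_print_mount_acl(struct tomoyo_io_buffer *head,
+				   struct tomoyo_mount_acl *ptr)
+{
+	const int pos = head->read_avail;
+	if (!tomoyo_io_printf(head, TOMOYO_KEYWORD_ALLOW_MOUNT) ||
+	    !tomoyo_print_name_union(head, &ptr->dev_name) ||
+	    !tomoyo_print_name_union(head, &ptr->dir_name) ||
+	    !tomoyo_print_name_union(head, &ptr->fs_type) ||
+	    !tomoyo_print_number_union(head, &ptr->flags) ||
+	    !tomoyo_io_printf(head, "\n")) {
+		head->read_avail = pos;
+		return false;
+	}
+	return true;
+}
+
 /**
  * tomoyo_print_entry - Print an ACL entry.
  *
@@ -1755,6 +1785,11 @@ static bool tomoyo_print_entry(struct tomoyo_io_buffer *head,
 				       head);
 		return tomoyo_print_path_number3_acl(head, acl);
 	}
+	if (acl_type == TOMOYO_TYPE_MOUNT_ACL) {
+		struct tomoyo_mount_acl *acl
+			= container_of(ptr, struct tomoyo_mount_acl, head);
+		return tomoyo_print_mount_acl(head, acl);
+	}
 	BUG(); /* This must not happen. */
 	return false;
 }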
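Review bot: The two lines added to tomoyo_write_domain_policy in the second hunk are indented with spaces while every neighbouring line uses tabs, so the function now mixes both styles; re-indent `if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_ALLOW_MOUNT))` and `return tomoyo_write_mount_policy(data, domain, is_delete);` with one and two tabs to match the `return tomoyo_write_file_policy(...)` line below them. In the first hunk the new `case TOMOYO_TYPE_MOUNT_ACL:` in tomoyo_domain_quota_is_ok is the only label that does not end in `break;`; it is harmless while it is the last label, but any case appended after it would fall into its `count++`, so close it with `break;` like the preceding case. Both functions begin outside the hunks shown.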
+52 −4
@@ -53,6 +53,7 @@ enum tomoyo_mode_index {


/* Keywords for ACLs. */
/* Keywords for ACLs. */
#define TOMOYO_KEYWORD_ALIAS                     "alias "
#define TOMOYO_KEYWORD_ALIAS                     "alias "
#define TOMOYO_KEYWORD_ALLOW_MOUNT               "allow_mount "
#define TOMOYO_KEYWORD_ALLOW_READ                "allow_read "
#define TOMOYO_KEYWORD_ALLOW_READ                "allow_read "
#define TOMOYO_KEYWORD_DELETE                    "delete "
#define TOMOYO_KEYWORD_DELETE                    "delete "
#define TOMOYO_KEYWORD_DENY_REWRITE              "deny_rewrite "
#define TOMOYO_KEYWORD_DENY_REWRITE              "deny_rewrite "
@@ -90,6 +91,7 @@ enum tomoyo_acl_entry_type_index {
	TOMOYO_TYPE_PATH2_ACL,
	TOMOYO_TYPE_PATH2_ACL,
	TOMOYO_TYPE_PATH_NUMBER_ACL,
	TOMOYO_TYPE_PATH_NUMBER_ACL,
	TOMOYO_TYPE_PATH_NUMBER3_ACL,
	TOMOYO_TYPE_PATH_NUMBER3_ACL,
	TOMOYO_TYPE_MOUNT_ACL,
};
};


/* Index numbers for File Controls. */
/* Index numbers for File Controls. */
@@ -116,7 +118,6 @@ enum tomoyo_path_acl_index {
	TOMOYO_TYPE_SYMLINK,
	TOMOYO_TYPE_SYMLINK,
	TOMOYO_TYPE_REWRITE,
	TOMOYO_TYPE_REWRITE,
	TOMOYO_TYPE_CHROOT,
	TOMOYO_TYPE_CHROOT,
	TOMOYO_TYPE_MOUNT,
	TOMOYO_TYPE_UMOUNT,
	TOMOYO_TYPE_UMOUNT,
	TOMOYO_MAX_PATH_OPERATION
	TOMOYO_MAX_PATH_OPERATION
};
};
@@ -360,8 +361,8 @@ struct tomoyo_domain_info {
 *
 *
 * Directives held by this structure are "allow_read/write", "allow_execute",
 * Directives held by this structure are "allow_read/write", "allow_execute",
 * "allow_read", "allow_write", "allow_unlink", "allow_rmdir",
 * "allow_read", "allow_write", "allow_unlink", "allow_rmdir",
 * "allow_truncate", "allow_symlink", "allow_rewrite", "allow_chroot",
 * "allow_truncate", "allow_symlink", "allow_rewrite", "allow_chroot" and
 * "allow_mount" and "allow_unmount".
 * "allow_unmount".
 */
 */
struct tomoyo_path_acl {
struct tomoyo_path_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_ACL */
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_PATH_ACL */
@@ -434,6 +435,29 @@ struct tomoyo_path2_acl {
	struct tomoyo_name_union name2;
	struct tomoyo_name_union name2;
};
};


/*
 * tomoyo_mount_acl is a structure which is used for holding an
 * entry for mount operation.
 * It has following fields.
 *
 *  (1) "head" which is a "struct tomoyo_acl_info".
 *  (2) "is_deleted" is boolean.
 *  (3) "dev_name" is the device name.
 *  (4) "dir_name" is the mount point.
 *  (5) "flags" is the mount flags.
 *
 * Directives held by this structure are "allow_rename", "allow_link" and
 * "allow_pivot_root".
 */
struct tomoyo_mount_acl {
	struct tomoyo_acl_info head; /* type = TOMOYO_TYPE_MOUNT_ACL */
	bool is_deleted;
	struct tomoyo_name_union dev_name;
	struct tomoyo_name_union dir_name;
	struct tomoyo_name_union fs_type;
	struct tomoyo_number_union flags;
};

/*
/*
 * tomoyo_io_buffer is a structure which is used for reading and modifying
 * tomoyo_io_buffer is a structure which is used for reading and modifying
 * configuration via /sys/kernel/security/tomoyo/ interface.
 * configuration via /sys/kernel/security/tomoyo/ interface.
@@ -638,6 +662,9 @@ struct tomoyo_policy_manager_entry {
/* Check whether the given name matches the given name_union. */
/* Check whether the given name matches the given name_union. */
bool tomoyo_compare_name_union(const struct tomoyo_path_info *name,
bool tomoyo_compare_name_union(const struct tomoyo_path_info *name,
			       const struct tomoyo_name_union *ptr);
			       const struct tomoyo_name_union *ptr);
/* Check whether the given number matches the given number_union. */
bool tomoyo_compare_number_union(const unsigned long value,
				 const struct tomoyo_number_union *ptr);
/* Check whether the domain has too many ACL entries to hold. */
/* Check whether the domain has too many ACL entries to hold. */
bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r);
bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r);
/* Transactional sprintf() for policy dump. */
/* Transactional sprintf() for policy dump. */
@@ -699,6 +726,12 @@ const char *tomoyo_path_number32keyword(const u8 operation);
const char *tomoyo_get_last_name(const struct tomoyo_domain_info *domain);
const char *tomoyo_get_last_name(const struct tomoyo_domain_info *domain);
/* Convert single path operation to operation name. */
/* Convert single path operation to operation name. */
const char *tomoyo_path2keyword(const u8 operation);
const char *tomoyo_path2keyword(const u8 operation);
/* Fill "struct tomoyo_request_info". */
int tomoyo_init_request_info(struct tomoyo_request_info *r,
			     struct tomoyo_domain_info *domain);
/* Check permission for mount operation. */
int tomoyo_mount_permission(char *dev_name, struct path *path, char *type,
			    unsigned long flags, void *data_page);
/* Create "alias" entry in exception policy. */
/* Create "alias" entry in exception policy. */
int tomoyo_write_alias_policy(char *data, const bool is_delete);
int tomoyo_write_alias_policy(char *data, const bool is_delete);
/*
/*
@@ -721,6 +754,9 @@ int tomoyo_write_file_policy(char *data, struct tomoyo_domain_info *domain,
			     const bool is_delete);
			     const bool is_delete);
/* Create "allow_read" entry in exception policy. */
/* Create "allow_read" entry in exception policy. */
int tomoyo_write_globally_readable_policy(char *data, const bool is_delete);
int tomoyo_write_globally_readable_policy(char *data, const bool is_delete);
/* Create "allow_mount" entry in domain policy. */
int tomoyo_write_mount_policy(char *data, struct tomoyo_domain_info *domain,
			      const bool is_delete);
/* Create "deny_rewrite" entry in exception policy. */
/* Create "deny_rewrite" entry in exception policy. */
int tomoyo_write_no_rewrite_policy(char *data, const bool is_delete);
int tomoyo_write_no_rewrite_policy(char *data, const bool is_delete);
/* Create "file_pattern" entry in exception policy. */
/* Create "file_pattern" entry in exception policy. */
@@ -735,7 +771,9 @@ struct tomoyo_domain_info *tomoyo_find_domain(const char *domainname);
struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
struct tomoyo_domain_info *tomoyo_find_or_assign_new_domain(const char *
							    domainname,
							    domainname,
							    const u8 profile);
							    const u8 profile);

/* Get patterned pathname. */
const struct tomoyo_path_info *
tomoyo_get_file_pattern(const struct tomoyo_path_info *filename);
/* Allocate memory for "struct tomoyo_path_group". */
/* Allocate memory for "struct tomoyo_path_group". */
struct tomoyo_path_group *tomoyo_get_path_group(const char *group_name);
struct tomoyo_path_group *tomoyo_get_path_group(const char *group_name);
struct tomoyo_number_group *tomoyo_get_number_group(const char *group_name);
struct tomoyo_number_group *tomoyo_get_number_group(const char *group_name);
@@ -972,6 +1010,16 @@ static inline bool tomoyo_is_same_path_number_acl
		&& tomoyo_is_same_number_union(&p1->number, &p2->number);
		&& tomoyo_is_same_number_union(&p1->number, &p2->number);
}
}


static inline bool tomoyo_is_same_mount_acl(const struct tomoyo_mount_acl *p1,
					    const struct tomoyo_mount_acl *p2)
{
	return tomoyo_is_same_acl_head(&p1->head, &p2->head) &&
		tomoyo_is_same_name_union(&p1->dev_name, &p2->dev_name) &&
		tomoyo_is_same_name_union(&p1->dir_name, &p2->dir_name) &&
		tomoyo_is_same_name_union(&p1->fs_type, &p2->fs_type) &&
		tomoyo_is_same_number_union(&p1->flags, &p2->flags);
}

static inline bool tomoyo_is_same_domain_initializer_entry
static inline bool tomoyo_is_same_domain_initializer_entry
(const struct tomoyo_domain_initializer_entry *p1,
(const struct tomoyo_domain_initializer_entry *p1,
 const struct tomoyo_domain_initializer_entry *p2)
 const struct tomoyo_domain_initializer_entry *p2)
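Review bot: The block comment introduced above `struct tomoyo_mount_acl` does not describe the struct below it: the numbered field list skips `fs_type` and labels `flags` as item (5), and the closing sentence naming "allow_rename", "allow_link" and "allow_pivot_root" is carried over from the two-path entry. Replace the last field item with `(5) "fs_type" is the filesystem type.` followed by `(6) "flags" is the mount flags.`, and the directive sentence with `Directive held by this structure is "allow_mount".`. Separately, the new prototype comment for tomoyo_get_file_pattern could state the precondition its definition documents, `/* Get patterned pathname. Caller holds tomoyo_read_lock(). */`, since the function is now callable from another compilation unit and the lock requirement is otherwise invisible at the header.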
+4 −5
@@ -24,7 +24,6 @@ static const char *tomoyo_path_keyword[TOMOYO_MAX_PATH_OPERATION] = {
	[TOMOYO_TYPE_SYMLINK]    = "symlink",
	[TOMOYO_TYPE_SYMLINK]    = "symlink",
	[TOMOYO_TYPE_REWRITE]    = "rewrite",
	[TOMOYO_TYPE_REWRITE]    = "rewrite",
	[TOMOYO_TYPE_CHROOT]     = "chroot",
	[TOMOYO_TYPE_CHROOT]     = "chroot",
	[TOMOYO_TYPE_MOUNT]      = "mount",
	[TOMOYO_TYPE_UMOUNT]     = "unmount",
	[TOMOYO_TYPE_UMOUNT]     = "unmount",
};
};


@@ -108,7 +107,7 @@ bool tomoyo_compare_number_union(const unsigned long value,
 *
 *
 * Returns mode.
 * Returns mode.
 */
 */
static int tomoyo_init_request_info(struct tomoyo_request_info *r,
int tomoyo_init_request_info(struct tomoyo_request_info *r,
			     struct tomoyo_domain_info *domain)
			     struct tomoyo_domain_info *domain)
{
{
	memset(r, 0, sizeof(*r));
	memset(r, 0, sizeof(*r));
@@ -487,7 +486,7 @@ static int tomoyo_update_file_pattern_entry(const char *pattern,
 *
 *
 * Caller holds tomoyo_read_lock().
 * Caller holds tomoyo_read_lock().
 */
 */
static const struct tomoyo_path_info *
const struct tomoyo_path_info *
tomoyo_get_file_pattern(const struct tomoyo_path_info *filename)
tomoyo_get_file_pattern(const struct tomoyo_path_info *filename)
{
{
	struct tomoyo_pattern_entry *ptr;
	struct tomoyo_pattern_entry *ptr;
@@ -1418,7 +1417,7 @@ int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
}
}


/**
/**
 * tomoyo_path_perm - Check permission for "unlink", "rmdir", "truncate", "symlink", "rewrite", "chroot", "mount" and "unmount".
 * tomoyo_path_perm - Check permission for "unlink", "rmdir", "truncate", "symlink", "rewrite", "chroot" and "unmount".
 *
 *
 * @operation: Type of operation.
 * @operation: Type of operation.
 * @path:      Pointer to "struct path".
 * @path:      Pointer to "struct path".
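--- a/[path not shown on page]
+++ b/[path not shown on page]
@@ -124,6 +124,16 @@ static void tomoyo_del_acl(struct tomoyo_acl_info *acl)
 			tomoyo_put_number_union(&entry->minor);
 		}
 		break;
+	case TOMOYO_TYPE_MOUNT_ACL:
+		{
+			struct tomoyo_mount_acl *entry
+				= container_of(acl, typeof(*entry), head);
+			tomoyo_put_name_union(&entry->dev_name);
+			tomoyo_put_name_union(&entry->dir_name);
+			tomoyo_put_name_union(&entry->fs_type);
+			tomoyo_put_number_union(&entry->flags);
+		}
+		break;
 	default:
 		printk(KERN_WARNING "Unknown type\n");
 		break;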